• Germany
  • Joined on 2024年09月25日
beheh commented on issue allauth/django-allauth#4639 2025年12月15日 20:10:39 +01:00
Headless signup response is identical whether a registered or unregistered email address is supplied.

It sounds like you're running into ACCOUNT_PREVENT_ENUMERATION. In that case, the response of the endpoints is specifically chosen so that an attacker can not check whether a user accounts exist.

beheh pushed to steam-provider-fixes at beheh/django-allauth 2025年11月26日 19:47:57 +01:00
2137d14cec fix(steam): error handling during OpenID discovery
4e0745582b fix(headless/jwt): remove faulty assert
a74fbec244 fix(openid): handle InvalidOpenIDNamespace during callback
Compare 3 commits »
beheh commented on pull request allauth/django-allauth#4616 2025年11月26日 15:15:27 +01:00
fix(steam): error handling during OpenID discovery

Okay, I've added two basic tests for the steam provider. I think that's appropriate, as the generic openid provider doesn't have redirect.

beheh pushed to steam-provider-fixes at beheh/django-allauth 2025年11月26日 15:10:12 +01:00
8bb2535267 fix(steam): error handling during OpenID discovery
beheh pushed to steam-provider-fixes at beheh/django-allauth 2025年11月26日 15:06:20 +01:00
0e9913045d fix(steam): error handling during OpenID discovery
9eb27dc0ce feat(idp): JWT access token support
7ae645201d chore(deps): bump actions/checkout from 5 to 6
f1587a537f docs(ChangeLog): added headless steam redirect
6d20f69367 feat(shopify): support email_verified
Compare 5 commits »
beheh pushed to steam-provider-fixes at beheh/django-allauth 2025年11月26日 15:05:10 +01:00
9ae05290d2 fix(steam): error handling during OpenID discovery
beheh pushed to steam-provider-fixes at beheh/django-allauth 2025年11月26日 14:59:33 +01:00
bf4c4fc164 fix(steam): error handling during OpenID discovery
beheh pushed to steam-provider-fixes at beheh/django-allauth 2025年11月26日 14:55:01 +01:00
86d29848f5 fix(steam): error handling during OpenID discovery
beheh pushed to openid-handle-callback-exceptions at beheh/django-allauth 2025年11月26日 14:51:07 +01:00
a74fbec244 fix(openid): handle InvalidOpenIDNamespace during callback
9eb27dc0ce feat(idp): JWT access token support
7ae645201d chore(deps): bump actions/checkout from 5 to 6
f1587a537f docs(ChangeLog): added headless steam redirect
6d20f69367 feat(shopify): support email_verified
Compare 5 commits »
beheh pushed to openid-handle-callback-exceptions at beheh/django-allauth 2025年11月26日 14:47:02 +01:00
2bb0246c37 fix(openid): handle InvalidOpenIDNamespace during callback
beheh commented on pull request allauth/django-allauth#4616 2025年11月26日 14:43:38 +01:00
fix(steam): error handling during OpenID discovery

I'll still add a test for this.

beheh created pull request allauth/django-allauth#4617 2025年11月26日 12:31:48 +01:00
fix(openid): handle InvalidOpenIDNamespace during callback
beheh pushed to openid-handle-callback-exceptions at beheh/django-allauth 2025年11月26日 12:26:02 +01:00
965cd9b3b6 fix(openid): handle InvalidOpenIDNamespace during callback
beheh pushed to openid-handle-callback-exceptions at beheh/django-allauth 2025年11月26日 12:21:20 +01:00
93427f67e0 fix(openid): handle InvalidOpenIDNamespace during callback
beheh created branch openid-handle-callback-exceptions in beheh/django-allauth 2025年11月26日 12:21:20 +01:00
beheh commented on pull request allauth/django-allauth#4616 2025年11月26日 12:04:57 +01:00
fix(steam): error handling during OpenID discovery

I'm also aware of another similar case in the callback view, where client.begin can throw when the user-supplied parameters are invalid. Not sure if you also want that here, on in a separate PR.

beheh created pull request allauth/django-allauth#4616 2025年11月26日 12:03:17 +01:00
fix(steam): error handling during OpenID discovery
beheh pushed to steam-provider-fixes at beheh/django-allauth 2025年11月26日 11:57:04 +01:00
0323dadfee fix(steam): error handling during OpenID discovery
beheh pushed to steam-provider-fixes at beheh/django-allauth 2025年11月26日 11:55:42 +01:00
90f985f1b8 fix(steam): error handling during OpenID discovery
050d8f8def feat(steam): support headless login via redirect
73fd51e101 chore: opening 65.14.0-dev
Compare 3 commits »
beheh created branch steam-provider-fixes in beheh/django-allauth 2025年11月26日 11:55:42 +01:00